Many systems and applications are intended to be accessible only by certain authorized user(s). Accordingly, such systems and applications commonly implement some means of authenticating a user requesting access thereto as being a user that is authorized for such access. Techniques for authenticating a user have a wide range of application in the existing art. For example, user-authentication techniques may be utilized for authenticating a user before granting the user access to a particular physical location (e.g., a user-authenticating system implemented for a door). As another example, user-authentication techniques may be utilized for authenticating a user before granting the user access to all or a portion of the functionality (e.g., applications) available on a computer system.
For instance, automated teller machines (ATMs) commonly implement an application that provides a user interface for receiving a personal identification number (PIN) from a user requesting access thereto. Only if the user provides the proper PIN for a particular account(s) for which the user is requesting access does the ATM allow the user access to such account(s). Many other systems and applications in which user access is restricted implement user interfaces that require a proper PIN (or other type of password) for access or implement similar types of user-authentication techniques in which the user is required to input certain information to the system that authenticates the user as one that is to be allowed access thereto.
Various types of user interfaces and techniques for receiving user-authenticating information have been developed in the existing art. For example, certain techniques utilize physical user-authentication devices, such as encoded cards, instead of or in addition to requiring that a user input information such as a PIN, password, etc. For instance, a door may include a card reader associated therewith such that only if a valid card that is properly encoded is swiped through the card reader is a user granted access through the door. Thus, those users possessing cards that are encoded for access to the physical area beyond the door may be allowed such access through the door, while users not possessing such cards are not allowed access through the door. In another technique, a door may have a security system with a keypad associated therewith in which a user is to input a PIN, and if the PIN input to the security system via the keypad is assigned a security level that authorizes the user access through the door, it opens; otherwise, the door denies access.
Techniques for user authentication are becoming increasingly important for mobile devices, such as mobile telephones (e.g., cellular telephones) and personal digital assistants (PDAs), as examples. Many users utilize one or more mobile devices, and the number of users of mobile devices is expected to increase as new mobile devices are developed that are more economical and/or offer increased functionality. It is important for a user authentication technique to be available for a mobile device for several reasons. As one example, the very nature of mobile devices increases the possibility that such devices may fall into the hands of an unauthorized user. For instance, the mobility of mobile devices increases the potential for the devices to be misplaced by a user or to be stolen by an unauthorized user.
Further, many mobile devices offer the ability for communication. For example, devices, such as hybrid cellular telephones are available, that can be used for both data (e.g., fax, e-mail, and short-text messaging) and voice communication. Unauthorized access to a mobile communication device that allows for communication may be particularly damaging to an authorized user (e.g., such as the owner of the mobile device). For example, the authorized user may incur charges associated with communication, such as long-distance telephone calls, placed by an unauthorized user. Additionally, an unauthorized user may send communication that appears to the recipient to have been sent by the authorized user, which may place the authorized user in an embarrassing situation. For instance, an unauthorized user may send an email message to one or more recipients that appears to the recipients to have been sent by the authorized user of the mobile device. Further, an unauthorized user may receive communication on the mobile device that such user is not authorized to receive. For instance, an unauthorized user may view confidential emails, faxes, etc., received by the mobile communication device that are intended only for the authorized user.
As another example, users often store personal and/or confidential information on mobile devices that may be damaging to the user (or others) if obtained by an unauthorized user. For instance, users often store telephone numbers, addresses, and other personal information about the user's friends and relatives on a mobile device. Additionally, users may store information about the user's finances, such as the user's bank account balance, account number, PIN number, etc., which if accessed by an unauthorized user may be damaging to the user.
In view of the above, it is particularly important to provide a means for authenticating a user of a mobile device to guard against unauthorized use thereof. However, mobile devices often have relatively limited resources available in implementing a user-authenticating technique. For example, mobile devices often comprise relatively less data storage (e.g., memory) and/or processing power than larger computing systems. Further, user input and output is often relatively limited. For instance, many mobile devices comprise relatively small displays, which may be capable of displaying only a few lines of text, for example. Further, the resolution of such displays is typically more limited than that of larger systems. And, many mobile devices comprise a relatively limited input method, such as a touch-screen keyboard displayed on the device's relatively small display.